Edit file File name : ssl.cpython-38.pyc Content :U �;rcH� � @ s� d Z ddlZddlZddlmZ ddlmZmZ m Z ddlZddlm Z mZmZ ddlmZmZmZ ddlmZmZmZmZmZmZmZ ddlmZmZ dd lmZmZm Z m!Z! zdd lm"Z" W n e#k r� Y nX ddlm$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z- ddlm.Z.m/Z/ e j0d e1dd� ed� ej0de1dd� ed� e j0de1dd� ed� e j0de1dd� ed� ej0de1dd� ed� e j0de1dd� ed� e2j3 Z4e2_4dd� e2j5�6� D �Z7e8e2dd�Z9G dd� de �Z:G d d!� d!e �Z;G d"d#� d#e �Z<G d$d%� d%e �Z=ej>d&k�r"dd'lm?Z?m@Z@ dd(lAmAZAmBZBmCZCmDZD dd)lAmEZEmFZF ddlAZGddlHZHddlIZIddlJZJeKZLd*gZMeNed+�ZOe.ZPeZQd,d-� ZRd.d/� ZSd0d1� ZTd2d3� ZUed4d5�ZVd6d7� ZWG d8d9� d9ed9d:��ZXG d;d<� d<eXe�ZYG d=d>� d>e�ZZeYj[fdddd?�d@dA�Z\e3fe]dBeYj[ddddddC�dDdE�Z^e\Z_e^Z`G dFdG� dG�ZadHdI� ZbG dJdK� dKeA�ZceceZ_deaeZ_edddBe]e3ddLdLdf dMdN�ZfdOdP� ZgdQZhdRZidSdT� ZjdUdV� Zke3dfdWdX�ZldYdZ� ZmdS )[a� This module provides some more Pythonic support for SSL. Object types: SSLSocket -- subtype of socket.socket which does SSL over the socket Exceptions: SSLError -- exception raised for I/O errors Functions: cert_time_to_seconds -- convert time string used for certificate notBefore and notAfter functions to integer seconds past the Epoch (the time values returned from time.time()) fetch_server_certificate (HOST, PORT) -- fetch the certificate provided by the server running on HOST at port PORT. No validation of the certificate is performed. Integer constants: SSL_ERROR_ZERO_RETURN SSL_ERROR_WANT_READ SSL_ERROR_WANT_WRITE SSL_ERROR_WANT_X509_LOOKUP SSL_ERROR_SYSCALL SSL_ERROR_SSL SSL_ERROR_WANT_CONNECT SSL_ERROR_EOF SSL_ERROR_INVALID_ERROR_CODE The following group define certificate requirements that one side is allowing/requiring from the other side: CERT_NONE - no certificates from the other side are required (or will be looked at if provided) CERT_OPTIONAL - certificates are not required, but if provided will be validated, and if validation fails, the connection will also fail CERT_REQUIRED - certificates are required, and will be validated, and if validation fails, the connection will also fail The following constants identify various SSL protocol variants: PROTOCOL_SSLv2 PROTOCOL_SSLv3 PROTOCOL_SSLv23 PROTOCOL_TLS PROTOCOL_TLS_CLIENT PROTOCOL_TLS_SERVER PROTOCOL_TLSv1 PROTOCOL_TLSv1_1 PROTOCOL_TLSv1_2 The following constants identify various SSL alert message descriptions as per http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6 ALERT_DESCRIPTION_CLOSE_NOTIFY ALERT_DESCRIPTION_UNEXPECTED_MESSAGE ALERT_DESCRIPTION_BAD_RECORD_MAC ALERT_DESCRIPTION_RECORD_OVERFLOW ALERT_DESCRIPTION_DECOMPRESSION_FAILURE ALERT_DESCRIPTION_HANDSHAKE_FAILURE ALERT_DESCRIPTION_BAD_CERTIFICATE ALERT_DESCRIPTION_UNSUPPORTED_CERTIFICATE ALERT_DESCRIPTION_CERTIFICATE_REVOKED ALERT_DESCRIPTION_CERTIFICATE_EXPIRED ALERT_DESCRIPTION_CERTIFICATE_UNKNOWN ALERT_DESCRIPTION_ILLEGAL_PARAMETER ALERT_DESCRIPTION_UNKNOWN_CA ALERT_DESCRIPTION_ACCESS_DENIED ALERT_DESCRIPTION_DECODE_ERROR ALERT_DESCRIPTION_DECRYPT_ERROR ALERT_DESCRIPTION_PROTOCOL_VERSION ALERT_DESCRIPTION_INSUFFICIENT_SECURITY ALERT_DESCRIPTION_INTERNAL_ERROR ALERT_DESCRIPTION_USER_CANCELLED ALERT_DESCRIPTION_NO_RENEGOTIATION ALERT_DESCRIPTION_UNSUPPORTED_EXTENSION ALERT_DESCRIPTION_CERTIFICATE_UNOBTAINABLE ALERT_DESCRIPTION_UNRECOGNIZED_NAME ALERT_DESCRIPTION_BAD_CERTIFICATE_STATUS_RESPONSE ALERT_DESCRIPTION_BAD_CERTIFICATE_HASH_VALUE ALERT_DESCRIPTION_UNKNOWN_PSK_IDENTITY � N)� namedtuple)�Enum�IntEnum�IntFlag)�OPENSSL_VERSION_NUMBER�OPENSSL_VERSION_INFO�OPENSSL_VERSION)�_SSLContext� MemoryBIO� SSLSession)�SSLError�SSLZeroReturnError�SSLWantReadError�SSLWantWriteError�SSLSyscallError�SSLEOFError�SSLCertVerificationError)�txt2obj�nid2obj)�RAND_status�RAND_add� RAND_bytes�RAND_pseudo_bytes)�RAND_egd) �HAS_SNI�HAS_ECDH�HAS_NPN�HAS_ALPN� HAS_SSLv2� HAS_SSLv3� HAS_TLSv1�HAS_TLSv1_1�HAS_TLSv1_2�HAS_TLSv1_3)�_DEFAULT_CIPHERS�_OPENSSL_API_VERSION� _SSLMethodc C s | � d�o| dkS )NZ PROTOCOL_�PROTOCOL_SSLv23�� startswith��name� r, �/usr/lib/python3.8/ssl.py�<lambda>| � r. )�source�Optionsc C s | � d�S )NZOP_r( r* r, r, r- r. � r/ ZAlertDescriptionc C s | � d�S )NZALERT_DESCRIPTION_r( r* r, r, r- r. � r/ ZSSLErrorNumberc C s | � d�S )NZ SSL_ERROR_r( r* r, r, r- r. � r/ �VerifyFlagsc C s | � d�S )NZVERIFY_r( r* r, r, r- r. � r/ � VerifyModec C s | � d�S )NZCERT_r( r* r, r, r- r. � r/ c C s i | ]\}}||�qS r, r, )�.0r+ �valuer, r, r- � <dictcomp>� s r6 ZPROTOCOL_SSLv2c @ s6 e Zd ZejZejZejZ ej ZejZ ejZejZdS )� TLSVersionN)�__name__� __module__�__qualname__�_sslZPROTO_MINIMUM_SUPPORTEDZMINIMUM_SUPPORTEDZPROTO_SSLv3�SSLv3ZPROTO_TLSv1ZTLSv1Z PROTO_TLSv1_1ZTLSv1_1Z PROTO_TLSv1_2ZTLSv1_2Z PROTO_TLSv1_3ZTLSv1_3ZPROTO_MAXIMUM_SUPPORTEDZMAXIMUM_SUPPORTEDr, r, r, r- r7 � s r7 c @ s( e Zd ZdZdZdZdZdZdZdZ dS ) �_TLSContentTypez@Content types (record layer) See RFC 8446, section B.1 � � � � � � N) r8 r9 r: �__doc__�CHANGE_CIPHER_SPEC�ALERTZ HANDSHAKEZAPPLICATION_DATA�HEADERZINNER_CONTENT_TYPEr, r, r, r- r= � s r= c @ s� e Zd ZdZdZdZdZdZdZdZ dZ d Zd ZdZ dZd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!d Z"d!Z#d"Z$d#Z%d$S )%� _TLSAlertTypezQAlert types for TLSContentType.ALERT messages See RFC 8466, section B.2 r � r>